Weekend Reads 101819

When you look into many of these breaches, the root cause boils down to an employee or contractor who clicked a link where malicious code was downloaded and executed on the system. This can happen via email, messaging or other delivery mechanisms where the attacker knows enough to entice the target to click the link. —Lamar Bailey

The United States, its states, and its local governments are in dire need of universal fiber plans. Major telecom carriers such as AT&T and Verizon have discontinued their fiber-to-the-home efforts, leaving most people facing expensive cable monopolies for the future. —Bennett Cyphers & Ernesto Falcon

Zero trust. It certainly doesn’t sound in touch with our self-organizing, agile software development culture. Only organizations built on trust can be successful. After all, happiness at work is directly linked to productivity and profit. So, if we know all this, why is Zero Trust a trending topic? —Jennifer Riggins

Blogging, certainly “citizen blogging,” is dead—haven’t you noticed? So too a host of other enthusiasms and ideas that once seemed poised to transform culture. In 2006, Wired editor Chris Anderson predicted a coming new economy in niche markets, the so-called long tail of online consumerism.

Fed up with living in an expensive city or community? Eager to bring your stress level down? Interested in working hours you prefer and from your home? That may sound like a TV infomercial, but the fact is: working remotely in a low-cost area is becoming easier at a time when it’s also becoming more appealing. —Kerry Hannon

Ever since intelligence contractor Edward Snowden leaked classified information about the degree to which the US government surveilled and collected information on US citizens, digital-rights groups and many technology companies have warned about potential access that third parties have to cloud data. —Robert Lemos

Pivoting from its Java roots, the Eclipse Foundation has launched the Eclipse Cloud Development Tools Working Group (ECD WG), a vendor-neutral body focusing on cloud development tools. Broadcom, IBM, Red Hat, and SAP are among the initial backers of this initiative. —Joab Jackson

What actually happens to workers when a company deploys automation? The common assumption seems to be that the employee simply disappears wholesale, replaced one-for-one with an AI interface or an array of mechanized arms. —Brian Merchant

Most people don’t read the news. Instead, they read the headline and determine if it’s worth sharing. —David Gee

Let’s go step-by-step and do some basic live process forensics for Linux. Today’s attack is a bind shell backdoor waiting for a connection on Ubuntu. —Craig Rowland

In April 2019, we discovered new malware that compromises encrypted web communications in an impressive way. Analysis of the malware allowed us to confirm that the operators have some control over the target’s network channel and could replace legitimate installers with infected ones on the fly. That places the actor in a very exclusive club, with capabilities that few other actors in the world have.

Attackers attempting to dodge more advanced security defenses increasingly are adopting more sophisticated techniques to fool victims with their malicious e-mail messages and websites. —Robert Lemos